NSA Targets the Privacy-Conscious for Surveillance

Jake Appelbaum et al. are reporting on XKEYSCORE selection rules that target users of -- and people who just visit the websites of -- Tor, Tails, and other privacy tools. This isn't just metadata; this is "full take" content that's stored forever.

This code demonstrates the ease with which an XKeyscore rule can analyze the full content of intercepted connections. The fingerprint first checks every message using the "email_address" function to see if the message is to or from "bridges@torproject.org". Next, if the address matched, it uses the "email_body" function to search the full content of the email for a particular piece of text - in this case, "https://bridges.torproject.org/". If the "email_body" function finds what it is looking for, it passes the full email text to a C++ program which extracts the bridge addresses and stores them in a database.

[...]

It is interesting to note that this rule specifically avoids fingerprinting users believed to be located in Five Eyes countries, while other rules make no such distinction. For instance, the following fingerprint targets users visiting the Tails and Linux Journal websites, or performing certain web searches related to Tails, and makes no distinction about the country of the user.

[...]

There are also rules that target users of numerous other privacy-focused internet services, including HotSpotShield, FreeNet, Centurian, FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion as well as its predecessor MixMaster. The appid rule for MixMinion is extremely broad as it matches all traffic to or from the IP address 128.31.0.34, a server located on the MIT campus.

It's hard to tell how extensive this is. It's possible that anyone who clicked on this link -- with the embedded torproject.org URL above -- is currently being monitored by the NSA. It's possible that this only will happen to people who receive the link in e-mail, which will mean every Crypto-Gram subscriber in a couple of weeks. And I don't know what else the NSA harvests about people who it selects in this manner.

Whatever the case, this is very disturbing.

EDITED TO ADD (7/3): The BoingBoing story says that this was first published on Tagesschau. Can someone who can read German please figure out where this originated?

And, since Cory said it, I do not believe that this came from the Snowden documents. I also don't believe the TAO catalog came from the Snowden documents. I think there's a second leaker out there.

EDITED TO ADD (7/3): More news stories. Thread on Reddit. I don't expect this to get much coverage in the US mainstream media.

EDITED TO ADD (7/4): EFF points out that it is illegal to target someone for surveillance solely based on their reading:

The idea that it is suspicious to install, or even simply want to learn more about, tools that might help to protect your privacy and security underlies these definitions -- and it’s a problem. Everyone needs privacy and security, online and off. It isn't suspicious to buy curtains for your home or lock your front door. So merely reading about curtains certainly shouldn’t qualify you for extra scrutiny.

Even the U.S. Foreign Intelligence Surveillance Court recognizes this, as the FISA prohibits targeting people or conducting investigations based solely on activities protected by the First Amendment. Regardless of whether the NSA is relying on FISA to authorize this activity or conducting the spying overseas, it is deeply problematic.

Comments

"It also records details about visits to a popular internet journal for Linux operating system users called "the Linux Journal - the Original Magazine of the Linux Community", and calls it an "extremist forum"."

By that same logic, your blog must be a jihadi recruitment centre, Bruce.

I speak German. The Tagesschau story indeed claims that it originates with the Tagesschau.

In particular, their news article claims that two German regional public broadcasting institutions, the WDR and the NDR, have access to parts of the XKEYSCORE source code. Apparently, this includes actual filter rules.

The Tagesschau is a programme run by the umbrella organization, the ARD, of which WDR and NDR are two regional chapters.

I also think this is not a Snowden leak -- for the simple fact that this leak comes very close to addressing what the Snowden doc disclosures and Team Snowden have steadfastly avoided for over a year now. Namely, that the only possible purpose for spying on this scale is the creation and cultivation of government informants.

This very specific targeting of tech security and somewhat tech savvy persons is precisely the sort of thing you would do were you looking to create informants, under the theory that these people are both self-selecting as having information and relationships they want to keep private and that they move in circles that you want to infiltrate.

If I am right, the next leak from this source will explicitly address the topic of informants.

"It [NSA] also records details about visits to a popular internet journal for Linux operating system users called "the Linux Journal - the Original Magazine of the Linux Community", and calls it an "extremist forum"."

We are all extremists now, I guess.

By the way, the liveblog of the testimony of Binney at the German parliament gets longer and longer, and scarier:

Well, anyone reading Schneier is definitely on the NSA list! I mean, most of the people who follow Schneier have the technical know-how for privacy. It'd be interesting to see how much of Schneier's communication is being tracked; I am sure that he is high up in the watch list ;)

A few weeks ago I speculated that the people reading this blog are "people of interest" to the NSA. Some responded that this would not change their participation and the expression of ideas.

Now with the current revelation, and the quote attributed to Gen. Alexander from last year (*) (which I was not aware of until today), this is where we face a quasi-confirmation of my speculation, and I wonder (again) if this will have any impact on any of Schneier's blog participants.

(*) From P.2 of the ndr.de article: "The former NSA director General Keith Alexander stated that all those communicating with encryption will be regarded as terror suspects and will be monitored and stored as a method of prevention, as quoted by the Frankfurter Allgemeine Zeitung in August last year"

Have to say that after the initial Snowden revelations I've assumed NSA could and would track extraordinary measures as a first order of its business. It's why I use my real name and primary email online along with my ISP's DNS, and avoided all the currently trendy privacy tools. Who's going to call more attention to himself and get arrested after a burglary? The guy who is skulking down the sidestreets dashing from shadowy alley to alley, or the guy who blends into pedestrian traffic on the high street?

@Albin
True, NSA leaks suggest that, if they want to target you specifically they will get you, but we've also learnt that properly implemented privacy tools (Tor, good crypto, etc.) generally work. Crucially, the more people using it, the harder it is to implement totalitarian mass-surveillance programmes. How easy would it be to "assume that everyone who uses encryption is a terrorist" if the bulk of internet traffic was adequately encrypted (as it should)?

Another German here. The article promises more in-depth news to be broadcast in a political TV magazine (Panorama) in about two hours.
But if they really have a new leak, they would not mention it, would they?
I would not normally watch that, but perhaps I'll make an exception.

I truly hope everyone knows they're being manipulated through the use of media and word choice when it comes to these surveillance issues. Replace "Snowden" and "leaker" with "NSA" or "government", and "leaked" with "announced" and you get a better picture of what's actually going on.

The content they're providing is easy to digest - they've made it into something you'd expect to read in a spy novel. They have even leaked that there's use of psychological approaches to manipulate, yet everyone keeps gobbling it up. I see three possibilities of why they're announcing these things: (a) acclimation, (b) distraction, (c) preparation.

Welcome to the United States of Earth. It is now a terrorist act to have a private conversation! And if saying so will get us arrested, pick me first! It will not change my participation level until my computer is forcefully taken away from me.

I run Chrome and Firefox (both generally up to date) with SSL Everywhere and Ad Block Plus, with both Java and Flash off by default. All other software is kept reasonably up to date. Still, both browsers seem more than a bit flaky, especially when I visit techdirt, schneier.com, and Wired.

1) Do others see a similar issue (more frequent browser crashes on "interesting" web sites)?
2) Given this recent release, should I give weight to Dr. Kissinger's "Even a paranoid..."?

@A Nony Mouse, not particularly. Consider using a linux distro/FreeBSD, keep your firewall rules in order, wipe your hard drive & MBR every now and then for a fresh install. If you are a target it will not stop them, but it will keep both of you so much more entertained.

This is the catch-22 of organized privacy systems. If you go out of your way to manifest privacy it looks suspicious. Privacy systems that try to make communications anonymous do help real criminals. It would be best if regular people completely avoided Tor and Tails, as regular people don't need them. There is no benefit in my mind to making it harder for intelligence agencies to judge what is a potential threat and what is ordinary communication. It is worth fighting for the right of all Americans to communicate freely without being watched, but it's better to just communicate openly and let them listen than to go underground and behave like criminals. If people don't want to be watched then simply say as much to your congressmen and senators. We enforce our rights by openly exercising them, not by ducking into the shadows of the internet.

There are technical portions of most spy novels as well - not this technical, but I generally wasn't referring to the content of the "leaks" itself. Rather, the way they present it is like a spy novel: he's fleeing the country, U.S. government tried to take down his plane, now he's holed up in Russia fearing for his life. How easy would it be to manufacture this story?

Everyone reading this blog has interest in security to some extent, so I'm curious to know why most, Bruce Schneier included, are willing to trust someone they didn't know existed before approximately June 2013. Treat it like user input - don't trust it.

So now Tor and encryption are "the shadows of the internet"? Journalists reporting from hostile territories, families avoiding the invasive profiling and Stasi-style recording of their private life, businesses exchanging financial information in a way that avoids unlawful and illegitimate industrial espionage from 3rd party nations... those are all criminals, are they? You tell us that we should docilely open up our computers and connections to the abuses of a totalitarian-style mass espionage system and simply send a friendly e-mail to our senator. After reading the reports of people who have worked for this putrid system and now regret it, after watching their highest representatives lie to their own governments, after watching the lack of accountability and blatant disregard for the dignity of citizens worldwide (and perhaps more worryingly, their own citizens), I've made my mind up.

Where did the reporting originate first?
Tagesschau and Panorama are on the same German national TV network (more formally called ARD, but the more modern branding is "das Erste" - look for "daserste" in domain names).
Tagesschau is "the" traditional German TV news show with several daily slots of up to 15 minutes; station NDR of ARD runs Panorama as a monthly prime time magazine doing more in-depth reporting, sometimes with a bit of an investigative touch, and that's where the topic will be aired as a part of tonight's show of an hour.
Tagesschau is being used to send out teasers for the Panorama show; so of course they went on air first - and also did some early publication online.
The research and more in depth writing certainly has been done with Panorama staff (or a larger collaboration) - that type of work does not fit so well into Tagesschau focus and format.

Heck, Bruce has probably been monitored, bugged, followed, and tracked ever since he published Applied Cryptography! My father was monitored by a former CIA operative from the time he went to Russia in the 1950's to deliver a paper at the International Geophysical Year (IGY) conference there. Interestingly enough, they became good friends, as did both our families, and one of my best friends got married in their back yard! I think it helped that my father was also instrumental in extracting a number of dissident scientists from the Soviet Union during the cold war, and others from Argentina during their "Dirty War".

It seems that the appropriate response from a free and democratic people would be a sort of digital "I am Spartacus" -- everyone should visit these "extremist" sites once or twice per day, even if he or she has no personal interest in using TOR, TAILs, etc.

(Barring that, I'd settle for some botnet master or two telling a few million of their zombie minions to do the same.)

According to the testimony of whistleblower Binney at the German parliament (http://goo.gl/nBwk1p), before 2001 the NSA "created a network graph of the entire world where" they "could zoom in separate network parts and filter all emails and phone calls from there". Accidentally, just at the same time around 2001 (http://goo.gl/uoYMXm), the software tor, which promises the user anonymity on the assumption that no agency can monitor the entire internet, was created with support of the Defense Advanced Research Projects Agency (DARPA) of the United States.

A huge problem, says Binney, is that the NSA collects too much data to analyze them all. So they somehow needed to separate traffic of ordinary people and of suspects. For this job, tor is very suitable indeed.

By noting the IP address of anyone who downloads tor or accesses a tor directory authority, they get IP addresses of people who want to be anonymous for some reason. Thereby, with tor's help, the NSA spooks get at least a special set of target persons to begin their analysis with.

Why? Because unlike tor, retroshare has no exit node. For the NSA, tor has the favor that it directs the communications of several suspects to an exit node, which it then can monitor to get several targets.

In contrast to this, retroshare is an encrypted friend to friend network. Monitoring that would mean that NSA would have to go to court to monitor the connection of every user individually, since the traffic is not bundled over central servers.

Also, the communication partners of retroshare connect themselves like in pgp, by handing over their public key needed to encrypt chats, voip, mails, and files per snailmail or via pgp.

Thereby retroshare evades the large security problems of tor. Retroshare has, however, no support from darpa or other NSA related idiots. This is why retroshare is lesser known.

I always assumed that I am monitored six ways till Sunday: Born in the wrong country; working on NATO military stuff; working in the middle east on military stuff; visits Schneier on Security; uses TOR and Linux; always wears black sunglasses (either snow or desert); buys lots of little widgets from Sparkfun Electronics; ex military signals officer; married to a Slav; sometimes wears a CCCP T-shirt.

It noted that I was logging in from a Netherlands IP (correct Tor exit node, but I am in U.S.) and therefore suspected me of being an attacker. I was requested to supply my back-up (Google) email address. Since the account I was trying to access has no back-up account, and playing credential games was unappealing at that juncture, I hit the power switch and went outside to cut some weeds.

Later I logged in to a different Gmail account and was granted entry. BUT.... near the top of the Inbox screen - in what had always been white space before - there was a deep-red bar with text within, which read (something like):
/You appear not to be you. Click here to fix this./
Come again? If you suspect that I am not me, then why did you grant entry??!

Most Americans are unhappy with the government; congress has only a 10% approval rating. This is a major problem that needs to be corrected, and there's only one solution: crack down on all the anti-American dissidents while spreading pro-status quo propaganda. Remember, blame China for all of our problems - America is a free, capitalist country, and that makes us infallible.

I have read a number of these articles disclosing this particular source code - and also looked at the source code directly. It is interesting to see that the German article (my mother tongue is German) does not mention anything at all about where they got this from.
Is this because they cannot name the source (as in to "keep it secret"), don't want to (because it would make the article unbelievable), or cannot (because they simply don't know) and they got the information anonymously?

I cannot prove what I think, but the whole thing seems a little bit constructed to me. Don't get me wrong, I am not saying they couldn't do what they are supposedly doing, I just don't believe that this source code is for real.
One hint could be "why Linux Journal"? I am a passionate Linux user, and I do not consider Linux Journal to be a "high end" magazine for real hackers or professionals anymore. It is now more mainstream than ever.

I kinda have the idea - and I am going out on a limb here, as this is a bit far-fetched - that maybe somebody is planning to discredit the whole thing with Snowden? If this is true, then we should expect more of this information to come soon.

It seems that the appropriate response from a free and democratic people would be a sort of digital "I am Spartacus"

The National Spartacus Association would be kinda cool.

I used to run background scripts that made random Google queries built from a list of "bad words." Also one that did periodic GETs using a db of URLs that I thought were obviously anti-surveillance, and others that just helped build a profile of a very unbalanced person. (I would most likely be categorized as a neo-Nazi Bronie who enjoys throwing Hummel figurines at people who deny squirrel-ogenic climate change.)

Of course, making lots of background noise doesn't do anything for any individual person outside of providing an amusing (and, admittedly, petty) distraction. It would only be useful if done in incredibly high volume.

Also, continue doing your part to keep America safe by immediately reporting any of these other suspicious scenarios:

~Locked doors.
~Windows with curtains.
~Safes w/o the combination clearly displayed.
~Persons who shut the door when using the restroom.
~Persons who appear nervous or anxious when you watch them for extended periods of time.
~Persons using the phrase, "That's none of your business."
~Persons who do not enthusiastically comply to having their genitals inspected.
~Whispering.

...and know your blind obedience has not gone unnoticed - your place in the Party is assured.

I get the strategy of gathering IPs/metadata of whoever downloads the Tor bundle or other privacy software for future timing attacks of a completed network circuit to determine what they're up to, but the Linux Journal forums being deemed "extremist"? Are there secret ISIS sleeper cells on there handing out advice for iptables or something?

I just bought How Linux Works, 2nd Edition from NoStarchPress; wonder if that makes me an enemy of the state.

Yes, the interpretation of the Linux Journal URL is overbroad. The code says "These variables define terms and websites relating to the TAILs (The Amnesic Incognito Live System) software program, a comsec mechanism advocated by extremists on extremist forums"

BUT, it does catch everything at "linuxjournal.com/content/linux*" as a reference to TAILS, which is ridiculous overkill. That would sweep up almost every sysadmin in the industry.

It's like whoever programmed these URL filters has never heard of Linux. But surely they're not running XKeyscore on Windows 8?

I pretty much do what you do except I don't use my real name on the Internet. I am not worried about government surveillance but commercial surveillance. I also don't use email interactively anymore because I believe the free email providers, especially Google, are building profiles of the people who email their users.

These days, I pretty much only communicate via public forums or commenting systems, which are public and I have no expectation of privacy.

- The common standards for cryptographic key exchange methods (such as Diffie-Hellman, Elliptic Curve Diffie-Hellman) having constants (moduli, curve parameters) chosen by the NSA such that they have the capability to obtain the secret key, given an intercepted key exchange and some information probably available to the NSA only, from which the constants were derived

- Same is true for cryptographic random number generators (Dual_EC_DRBG).

- Breaking RC4 with some cryptographic attack not yet known to the public.

Bruce Schneier obviously holds US citizenship, but since, as a cryptographer, he is having lots of discussions with foreign cryptographers that are obviously targets, he is most likely a target "en passant", a legal justification for surveilling US citizens that the NSA is well known to use.

Can we suppose that XKeyScore actually refers to 'scoring' intel. (or subjects) based on 'keys' - a classification, a pattern match, like the one referred to as fingerprint(ct_mo/TAILS) above? Much as heuristic spam filtering works.

What happens next is scary though. Do people go through this data looking for correlations, in order to score and classify subjects as 'good' or 'bad' people? Probably not yet, but building up an AI knowledgebase like this means it inevitably would be abused that way.

Maybe for now, the facts are merely noted, for when an analyst later wants to narrow down a set of 'bona fide' subjects to get at the most interesting ones, or get a quick overview of them based on past collected data.

But that would imply the monitoring is already happening 'full-take' - preemptively, I guess you could call it - only analysed by a computer program instead of humans, in order to keep the lawyers happy (or confused).

The "Tor is subverted" analysis sounds great because it's cherry picking facts and speculation for one side. I'm adding a few things that have been left out:

1. It was made by anonymity researchers in conjunction with the U.S. Navy *for operational use.* It's actually still used today by military, intelligence, and LEO personnel. They have quite an interest in ensuring it works as advertised and against foreign TLA's.

2. DARPA and NSF both fund plenty of tech that can absolutely kill the effectiveness of many NSA programs. (I've used them for exactly that in the past.) They describe them in detail in publications, sometimes allow code/specs to be published, and sometimes spin them off into (possibly subverted) companies. Them as a source of funding means nothing as they work both sides. The *product* should be reviewed, not the wallet.

3. Wikileaks and other opponents of the DOD used Tor when they were causing them tons of pain. If they could beat Tor, they would have and then used parallel construction. That the fall of each group was financial or typical poor OPSEC... after doing tons of damage... supports they *couldn't* beat Tor.

4. GCHQ is quite capable. Not against Tor as of a few years ago, though. I'd expect NSA to be only a little ahead.

5. There is a subversion risk. Yet, the protocol and implementations get more scrutiny than almost any other cryptoscheme. Only PGP, SSL, etc get comparable review. There's a ridiculous number of academics doing great on offense and defense. The activity doesn't resemble how typical subversions work.

If anything, the most serious weakness of Tor is that people run it on untrustworthy platforms connected to an adversary-owned network. This is why I don't trust it. The other reasons people are giving don't stack up when *all* the facts are on the table. If anything, Tor has the weaknesses almost every other piece of software has, except with less exposure to the enemy.

I think the time to be "disturbed" is way past. This reminds me of what I learned of the 3rd Reich in school: They did whatever was possible without ever questioning whether they might be going down the wrong path. The only thing that limited them was practicalities. For example, they did not kill the Jews and other "undesirables" faster, because they had trouble burning the bodies. They did not start more wars, because they already had wars on all available borders. And they used spying on their citizens, propaganda and repression to the max.

What we currently see is the last stages of preparations to go to that maximum. Admittedly, things are more subtle, and killing people is not the main means of getting rid of the undesirables anymore, but lifetime imprisonment is just as efficient and industrialized as the Nazis had maximized efficiencies in their KZs, and the respect for prisoners is on exactly the same level, namely none, with complete dehumanization. If there is any significant counter-movement, I just cannot see it. While the good news is that totalitarianism always eventually collapses due to extreme inefficiency, that may take a century or so.

Apparently TOR's goal of complete anonymity can indeed be compromised given certain circumstances. Much work about TOR is available on the internet discussing a variety of attack vectors -- some successful, some not so successful.

My point in agreeing with Benni's point (that TOR is likely a honeypot, therefore use something else) is mostly to express disappointment that such is a probable strategy on the NSA's part if and when they take advantage of successful attacks on its users. Much like the new revelations that XKEYSCORE is using the attraction of publicly available privacy-related material as a way to stratify (perceived) threats. And the Facebook psychological experiment.

Your point that TOR was not designed to be a honeypot is rational. The government is too big with too many competing interests to not cannibalize some of those goals and end up looking suspiciously like a fool in the process.

"Apparently TOR's goal of complete anonymity can indeed be compromised given certain circumstances. Much work about TOR is available on the internet discussing a variety of attack vectors -- some successful, some not so successful."

I agree that's possible. I posted it here before as a counterpoint to a pro-Tor crowd. It's yet another reason I don't use it if Five Eyes are in threat profile. Might still be good against many other malicious actors.

1. The "Linux Journal users are a terrorist line" was picked up and repeated by a lot of reports. That is crying wolf and very bad form in every respect.

I do not think Applebaum is a spy for suggesting that. I think he jumped his guns.

I think he is not a very experienced journalist.

2. Credence to the "maybe another leaker" aspect is there. Applebaum jumping his guns like that is one point. Get something sizzling and there is a rush to press. Again, lack of experience.

3. Another point on the above: Tails was used by Snowden. Likely a secret Snowden supporter who had access to the source in question. Could be someone faking the source.

Very likely this was hastily added in after the Snowden compromise was initially assessed.

4. I normally do not use encryption nor proxies myself, especially when doing anything very secret. Reason being because I want to evade these sorts of radars. This is a contrarian viewpoint, and so I went ahead and pointed out "I may be a spy" with my nick.

I understand the counter point to this.

These sorts of radars I expect to be in place in many quarters, in many nations, many years ago.

I am not disrespecting encryption and privacy tools. I am just explaining my own perspective. I do use them at junctures. This adds credibility to disinformation given to observers when cracking it.

5. I think that any poster on here expects the site to be monitored at the very least on the backbone. In fact, any poster on here probably already assumes that they are under surveillance 24/7. And have for years. Some probably really live up to that standard. Most surely do not.

6. Just to be clear: I may be some manner of spy. If I am or not is inconsequential. If I am, I disagree with these sweeping moves by the government and I am concerned about privacy. I am concerned about abuse, as Hoover abused these powers before.

There are clearly no checks and balances.

I do think these things were put in place by over-zealous, poorly thinking government workers. I believe this is why they are continued in use. I think they genuinely have little to no knowledge of the real dangers of these sorts of powers, and probably have studied next to nothing about Hoover (and Stasi and KGB and, etc, etc, etc ad infinitum) abuses.

I see Feinstein and Obama both as being sell outs on these issues.

7. I doubt Snowden is part of a secret disinformation program. It is true that this could be done. I am certain the Russians will never let that suspicion rest -- they never let that suspicion rest about Kim Philby. And they do not change.

The damage though, I believe, is severe enough that it can be reasonably assumed not to be.

That the heads of these agencies - the ones in charge - were not fired, but instead went on a prime time circuit and ended up with multimillion dollar contracts does seem to imply otherwise.

And there will always be damage in a counter intelligence operation, it is just accepted. A lot of truth with some venom gets the target poisoned.

8. Likely the NSA is cross checking encryption and privacy tools against government employees, contractors, and others in sensitive roles. Very likely.

This is probably a viable method for finding real spies.

(Professional spies on the other hand would do all they can not to get on THAT radar.)

I doubt it has much to do with terrorism in that context. If they are using it globally, such as in Saudi Arabia, Pakistan, wherever, then they probably find many more allies than enemies, people just trying not to be caught by their morality police.

Is there evidence that indicates this list actually selects targets for surveillance, or it only selects these matching queries? I'm dubious if the NSA has capabilities to permanently store the full take of everyone that visited or searched Tor. With all the attention Tor has been getting in the media, I think at least 10% of the internet has looked up Tor at least once sometime.

Cmon! All this hand wringing.... So what if they know who you are - just make them work for it. Then spend every effort to make all of these butt sniffers unemployed and impoverished - with zero chance of significant re employment.

You do this by threatening Congressmen. Make their lives pure hell if they don't can these creeps. Cut their funding to zero. And state representatives? Look at the efforts in UT, MD and others to cut off their water and power.

Cultivate vendettas. If enough citizens made it known that "first opportunity to effectively harm" NSA employees would be taken - well, now these guys again hafta watch their backs. Even when they go to the grocery store.

Meanwhile you spend $49. For the sole purpose of annoying them - perhaps getting them to do something really stupid which starts full scale riots.

Journalists lost credibility when publishing claims supporting an extremist image of the Linux Journal. That means we're extremists if we refuse to lay bare our affairs by using Windows?

In a place under the rule of law, there are prerequisites to accessing one's private conversations and other data. Thus, using better protection ought not be an issue. Want my data? Get a warrant. Depending on how badly I want to resist, get a warrant, a supercomputer, and centuries.

"A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently" [But for what they use tor in the middle east, the website does not disclose, of course. Perhaps they used it for de-anonymizing and blackmailing?]

At least the tor project writes:

"Tor can't solve all anonymity problems. Also, to protect your anonymity, be smart. Be aware that Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit."

And this is exactly what the NSA can do easily. By collecting all users who downloaded tor, the NSA monitors where the traffic from these IPs goes into the tor network and notices where the traffic leaves the tor network, and they certainly can do timing analysis with that data. So even the tor homepage basically says that the NSA can de-anonymize the tor users.

In order to make sense of your communication, the NSA also has to decrypt it.

Unfortunately, with the tor browser bundle, the decrypting is easy as can be. Most traffic with the tor browser bundle is encrypted with ssl.

But in project "Flying Pig" http://goo.gl/EBcZtR the NSA has shown the ability to even fake google certificates in order to impersonate google itself.

If they can do that, then they also can fake the ssl certificate of the site that you visit with the tor browser bundle. Thereby one has to assume the NSA is massively

a) de-anonymizing and
b) decrypting tor users

What to do now?

Well, for anonymous web surfing, there is a simple option:

Go to an internet cafe of your choice, do not log into any service like email or google or anything and browse anonymously.

For communicating, like email, voip, forums, chats, the first thing to do is to properly encrypt the data.

Moreover, in retroshare, you just connect with your peer that you know personally. This means that unlike in tor, the NSA can not monitor servers where they meet many of their targets together. This creates additional difficulties for them.

But most important is that with retroshare, the NSA can not access the content because it is encrypted with pgp and ssl. And this content finally is the thing that the agencies need when they want to resolve your external IP from your provider into a street address of your home.

This step can, in any country, only be reached by a court order. But for a court order, they would first need to de-crypt the content of the communication.

Retroshare is also better for dissidents, since you only communicate there with persons you personally know.

With tor, you communicate with websites that you do not know personally, and you do this over exit nodes that are monitored by NSA.

The only thing, one can do with tor is to stay away from it and go to an internet cafe for websurfing, and for communicating, use retroshare.

I noted before some of the things that they said. But an new interesting thing is this

Drake: "google has developed a very good relationship with the NSA since 9/11. I was personally responsible to install a first device at their quarters."

and

"google has extremely good relationships to NSA, which are topped only by Microsoft. Usually, one does "such things" only with the head of research or the IT department. The management hears "these things" only in a very filtered way"

and then he coins the term "nine eyes" where germany would be part of resulting in secret treaties with BND.

So I'm on another site and it asks for my email and I suddenly stop and think WHY THE HELL DO SITES WANT EMAILs? I mean, if there's no account to log in to, like there isn't on this site.

FACTS: I never type a working email address. I don't even use email anymore, don't need it. Also don't accept Cookies or run un-white-listed scripts. Always use private browsing mode, https everywhere, AdBlock+, and my functionality is still pretty good. When sites won't work, I leave the site, and in doing so I leave it to their people to figure out why from the ip logs, if they're even looking. I can't do much, but I can do this. The web is broken, and all I can do, imo, is send out a signal by not using it all, in certain noticeable ways. Ways that are costing companies money, if not much.

So: why are people like Mr. Schneier even asking for emails, as if it provides a form of protection, when it clearly doesn't?

To me, this has the potential to make the site look unprofessional, considering who runs it. Please Mr. Schneier stop asking for email addresses, having made it clear enough that you don't actually want them, especially while the NSA is making it clear they DO. It makes YOU look like you're running a honeypot site where the nsa can come to scrape user data! If you want to be paranoid, that is.

I wish it was that easy. Congress has roughly a 10% approval rating yet 90% get re-elected. Gerrymandering and big money pretty much outweigh our votes. The soldiers that fought for us decades ago in WWII or other wars, though most have passed, would be devastated that they fought for our freedom against totalitarian governments only to find that ours is becoming/has become one. It's a true tragedy, I'm afraid of what it would take to fix it.

@Benni:

I like those Pringles can thingies that can make it so you get WiFi at a longer distance. That might be a way to implement your strategy and truly anonymize yourself. If you show up a lot on the surveillance cams at a coffee shop, anonymity could be compromised. Else, that sounds like a decent strategy.

@DB, Benni, etc.:

I'm a bit surprised that Skeptical hasn't put up any apologist comments on this post. Any thoughts?

What do you think is more likely: that they have the keys or it's in plaintext? Why would data that was encrypted end up in plaintext going through the backbone? It seems to me that decrypting it would be pointless unless you were forced to do so. If they have the keys, it would be obvious that the victims were forced to surrender them (or bought off). Given that, what should we conclude? Clearly it doesn't make much difference because it has the same result either way, but from a political standpoint, it could make a difference.

Second leaker is unnecessary speculation. Appelbaum has access to all the Snowden docs and that's where this is coming from. Anybody saying he didn't see this in HIS set of the docs simply doesn't have an exhaustive set.

If this stands up I hope one of the orgs (EPIC, EFF, ACLU etc.) use it as a platform for a class action suit. The federal judiciary is very big on whether the plaintiffs have standing in a suit and I can tell you that there are a lot of US citizens that have visited Linux Journal and the Tor foundation. So if those of us who have are truly logged in the databases indefinitely and tracked based on this, let's get the lawsuits rolling and sign me up. I can't imagine what the NSA thinks of us that have run Tor exit nodes if this is how they react to people just doing research or exercising their curiosity.

Anyone remember Appelbaum's insinuation that the NSA could remotely exploit the iPhone back in December? Besides the fact it wasn't true (close access is needed), we knew then that Appelbaum had Snowden docs that Greenwald did not, per Greenwald's comment that he provided no documentation to support Appelbaum's story:https://twitter.com/ggreenwald/status/417325532980580353

So, again, why posit a second leaker? If there's a second leaker, there was one back in December. Appelbaum has done a second story using docs he never got via Greenwald. No news here.

"I do not believe that this came from the Snowden documents. I also don't believe the TAO catalog came from the Snowden documents."

The TAO catalog and this both came from Appelbaum? We can agree on that, right? After all, Bruce did at one time write "Der Spiegel has a good article on the NSA's Tailored Access Operations unit... I'm really happy to see Jacob Appelbaum's byline" right?

What did Appelbaum say in July of last year? "In mid-May, documentary filmmaker Laura Poitras contacted me... At a later point, I also had direct contact with Edward Snowden"

So Appelbaum had "direct contact" with Snowden by his own account but Bruce doesn't believe this is from Snowden docs?? Why on earth not?

As an aside, could "direct contact" be in person? In Hong Kong? Remember Snowden lied to Greenwald about checking into the Mira on May 20, he actually didn't check in until June 1. Between May 20 and June 1 he could have easily been meeting with Appelbaum and/or other Wikileaks people. We know Snowden met with Russians in Hong Kong in June.

Snowden claims he gave everything to Greenwald and Poitras and did not take them with him. Bruce also had access to some of the docs. If Snowden was the source they would've said so, however were cryptic about it when asked about the latest XKeyScore source leak. Obviously somebody else is leaking material.

"This marks the first time that actual source code from XKeyscore has been published. ARD did not say how or where it obtained the code. Unlike many other NSA-related stories, the broadcaster did not specifically mention the information being part of the trove leaked by whistleblower Edward Snowden."

Appelbaum works for Tor, why would he delay publication of such information for so long?

Cory Doctorow merely states:

"Another expert said that s/he believed that this leak may come from a second source, not Edward Snowden, as s/he had not seen this in the original Snowden docs; and had seen other revelations that also appeared independent of the Snowden materials. "

Putting on my Oliver Stone cap: if there is a second leaker they may have been emboldened by Snowden, as Cory suggested.

Or, they may work for the US government or another government and be attempting to get close to some of these people.

It may be genuine material, it may not be. Maybe it is a mixture, or will be. Of genuine and false material.

The information giver may be working for a government and merely try and control the tide of information, or disinformation. Maybe they see a secondary angle of confusing the US.

It could just be some person performing a hoax.

Surely the source code is watched well? Surely the list of suspects would be ordinarily small? Or maybe not?

I cannot read German, but do not see any reference to any source in the article at all.

I am not sure how common that is in German papers. It is not common with major english speaking papers. They will at least say something about their source, as much as they can.

Relying on a single source is a tricky situation in any journalistic pursuit.

OK, so I figured it out.
There's a move by the US to block any media outlet from disclosing anymore Snowden documents. Greenwald has been working 3 months on "the biggest Snowden story to date" and was stonewalled by the US through these rulings and is sitting on a bunch of stories.

Instead what they are doing is dumping docs to other countries (Germany). This is why they are coy about the sources and didn't deny or confirm Snowden was the source of the code leaked. Legally they can't confirm it.

Obviously Greenwald would not give docs to Appelbaum when Appelbaum is prone to just dump them wholesale.

"Snowden claims he gave everything to Greenwald and Poitras"

Snowden can't get his story straight here and the claim accordingly means nothing. For one, Spiegel reported on July 19 last year that Greenwald "told host Reinhold Beckmann that he and journalist Laura Poitras had obtained full sets of the documents during a trip to Hong Kong, with around 9,000 to 10,000 top secret documents in total." Nobody currently believes that 10K constitutes a "full set". For two, AFTER he parted ways with Greenwald he told the Chinese "the United States government has committed a tremendous number of crimes" against your country and proceeded to give specifics of US ops in China (which Greenwald later excused as based on "a need to ingratiate himself to the people of Hong Kong and China.") So that leak to the Chinese was obviously not out of any docs Greenwald supplied but from Snowden directly.

Snowden also told Brian Williams that he ensured that the Russians would not get their hands on any documents not by having first given them all away to journos in Hong Kong, but "by destroying the material that I was holding before I transited through Russia."

How do you destroy something that you divested yourself of by giving it away? What Snowden told Risen of the NYT and what he told Williams of NBC accordingly contradict.

"If Snowden was the source they would've said so"

No, they would not. They don't want journos asking Appelbaum just when Snowden supplied him.

Source code from the NSA's XKeyscore program, published today by German public broadcasters NDR and WDR, shows the US intelligence services specifically monitoring connections to a server on the premises of the internationally renowned Massachusetts Institute of Technology (MIT). The monitoring of connections to an MIT graduate’s server on the university campus is part of the intelligence services’ attempt to particularly focus on users of privacy software on the internet. The computer server is owned by US citizen Roger Dingledine, the creator of the Tor anonymity software. The IP address of the server operated by Dingledine is clearly defined in the source code as targeted object.

I also believe that this is based on Snowden docs, since one of the main reporters of the story - Jacob Appelbaum of Tor fame - has been working closely with Laura Poitras on NSA stories for the Spiegel magazine and public broadcasters in Germany.

"Our analysis shows that 80% of all types of users may be de-anonymized by a relatively moderate Tor-relay adversary within six months. Our results also show that against a single AS adversary roughly 100% of users in some common locations are deanonymized within three months (95% in three months for a single IXP)."

I believe that is the attack which the NSA deploys on tor users. Like Binney suspected yesterday, they are attacking the entire tor network....

Regarding the recent XKeyScore leak I suspect the leak could actually come from a German source. Last year it was mentioned that the BND and the Verfassungsschutz had access to XKeyScore at least for "evaluation purposes".

Snowden gave Poitras and Greenwald 200,000 estimated docs, and kept the rest. He claims he didn't give it to Russia, so it's likely Assange has got control over it at the Ecuador embassy or some other wikileaker who met with Snowden in HK. Whoever has the remainder of the docs is now leaking them as the media has been gagged. These people are threatening to dump them all en masse July 4th (it also could be Greenwald, he doesn't deny or confirm it).

Regarding a "second leaker", I think it's most likely Appelbaum got the files from Poitras.

Another idea:
Once I read Snowden's posts on Ars Technica. Even considering the posts are years old, my personal conclusion was that his technical skills are much too limited for him to steal all the data undiscovered without help.
But I confess this is a plain conspiracy theory. Maybe you like it. :-)

If any so-called 'full dump' really does "become our reality" for this summer... Is there any reasonable way to verify some sort of authenticity of any part of it? Even if any of the Appelbaum, Greenwald, Poitras, Schneier, et al. team aren't complicit in the whole scheme of things... How can you be sure that what you're seeing is the real thing? How hard of a proposition would it be to believe that such a feat is the result of at least a year's worth of the careful culling of pseudo-sensitive materials covering a limited amount of the 'accepted discourse' that's currently come to be available for common consumption in these interesting times...
(If you're still confused, this link may either clear some things up or muck 'em up even more..: http://www.theregister.co.uk/2014/06/30/remaining_snowden_documents_will_be_release_to_avert_war_cryptome/ )

@Name (required)

Please Mr. Schneier stop asking for email addresses, having made it clear enough that you don't actually want them, especially while the NSA is making it clear they DO. It makes YOU look like you're running a honeypot site where the nsa can come to scrape user data!

Why would data that was encrypted end up in plaintext going through the backbone?

You seem to be asking about project MUSCULAR (or one of many other possibilities)...
Please see: https://www.schneier.com/blog/archives/2013/10/nsa_eavesdroppi_2.html
Long story short - Google used to route their 'internal' data amongst their own facilities unencrypted (whether it was never encrypted to begin with, or encrypted only on the shortest hop will be left as an exercise for the reader)... Presumably because bandwidth at that scale is so precious (proper encryption will add at least some slight overhead), but then one would have to assume that the 'Google' "Engineers" knew next-to-nothing about anything that resembled traditional security... Which is unfortunately false!

@Brian Dell

Second leaker is unnecessary speculation. Appelbaum has access to all the Snowden docs and that's where this is coming from. Anybody saying he didn't see this in HIS set of the docs simply doesn't have an exhaustive set.

That sounds like a good bit of speculation... Even in light of your additional (twitter) sources... Who's to say that Snowden didn't give differing document dumps to different documentarians? As a matter of fact, this would be quite SOP for any (slightly) intel-minded agency!

Defending (Tor/SSL/PGP/Crypto...etc...) and Attacking (NSA/CIA/Hacking Team...etc...) is not something magical. Defending while using proper OPSEC is ABSOLUTELY IMPORTANT. An unencrypted cookie or an unencrypted connection would be the single breaking point in any attempt to deanonymize your own identity. Re-using identities is also a significant problem, just like re-using keys. Someone could figure you out after some time of constantly using the same keys/identities.

Trying to quickly conclude that Tor or Retroshare is a backdoor or if these programs are not secure without substantial strong research data only causes more confusion and insecurity. More research and penetration testing have to be openly carried out and published to give a better overview on the security margins of these programs.

Regarding online privacy, if you are willing to post something onto the public network, you must have preparations or some expectations in you that you are releasing some personal information and opinion which someone can later learn more about you. If you don't wish to be traced, don't post anything or take care to control the information you publish. Once the 'Submit' button has been hit, you have no more control.

The reason Retroshare is perceived as "more secure" than Tor is because communications are routed within the Retroshare network internally and have no access to the normal Internet. The use case for Tor is different: one of the use cases of Tor is to route traffic through the Tor network and finally exit and connect to an Internet website or service. Thus, the weak link of Tor is due to its use case of transferring data from a secure link (within Tor) to an insecure link (Internet) as its core use case, whereas the core use case of Retroshare is to route all messages and host its self-contained forums and P2P utilities within its own secure network. Thus it has no link to the insecure (Internet) link, and so security/insecurity is simply due to use case.

Using secure machines as end points would offer some protection and trust that the endpoints can be reliably trusted to relay messages but here's the catch, if the relayed messages are insecure in nature (accessing a non encrypted or partially encrypted resource) would simply defeat and make traceable the person who issued the request. The only way to fix it is to encourage all websites to go HTTPS by default and use strong ciphers and proper OPSEC.

Security is always hard to implement even for banks and government agencies thus the numerous headlines of government computers being hacked and bank accounts being stolen.

Most of these security issues are attributed to bad OPSEC habits and human issues ... not the ciphers.

Tamper resistant/evident devices with open hardware designs and open software/OSes can be used as Tor endpoints and to add on top of it, these secure tamper resistant Tor endpoint devices should also encourage sharing of network space (in another partition in a subtle manner) so that tracing to that particular device would yield plausible deniability.

@MaybeASpy: While German papers (and in this case: TV news outlets) unfortunately aren't as thorough with mentioning their sources as their American counterparts, I strongly believe they would have mentioned the source if they could. Thus I assume this might well be a source other than Snowden.

Note that the Federal Prosecutor General of Germany previously stated that there is no "initial suspicion" of foreign spying missions (yes, despite all that's been leaked by now) on German citizens. That was the reasoning behind his decision not to start an official investigation on foreign spying activities.

This student's case possibly might put some pressure on the Federal Prosecutor General and thus lead to an official investigation on NSA (and GCHQ) spying.

Which might in turn enable the BND to put more pressure on the NSA in order to someday become a closer ally.

What's also noteworthy here: This was disclosed by effectively "state-owned" national TV, which is definitely closer to the German government than e.g. Der Spiegel. What I'm saying here is that the chance that this was disclosed under the eyes of the BND is higher than with Spiegel disclosures.

I always use my real name when putting stuff on the Interwebs. This is why:

'Or else it doesn't, you know. The name of the song is called "HADDOCKS' EYES."'
'Oh, that's the name of the song, is it?' Alice said, trying to feel interested.
'No, you don't understand,' the Knight said, looking a little vexed. 'That's what the name is CALLED. The name really IS "THE AGED AGED MAN."'
'Then I ought to have said "That's what the SONG is called"?' Alice corrected herself.
'No, you oughtn't: that's quite another thing! The SONG is called "WAYS AND MEANS": but that's only what it's CALLED, you know!'
'Well, what IS the song, then?' said Alice, who was by this time completely bewildered.
'I was coming to that,' the Knight said. 'The song really IS "A-SITTING ON A GATE": and the tune's my own invention.'

I can assure you that I am Prinz Wilhelm Gotha Saxe Coburg, but what my name is called, I cannot divulge. My name might be called Willy, it might be Duncan, it might Djugash, it might be Charles ... my name might be Thomas the Rhymer, Honest Fred, or something I have long since forgotten because I was drunk when I found out ...

As I noted above in this thread, the nsa monitoring tor users just means that they are doing this kind of attack, which has proven to be able to de-anonymize 80% of all tor users with only one monitored relay in 6 months.

If you want to surf anonymously, get to the internet cafe of your choice.

With tor, you talk to servers like exit nodes and relays that the nsa may monitor or even operate, and where several of their targets can be found. This is an attack vector.

Then, you are communicating to webservers on the internet where you browse to that are difficult to verify personally. NSA can fake google certificates without the browser noting it. https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html
And it can therefore fake the certificate of your site. this is another attack vector.

When you want to reduce attack vectors you have to:
a) communicate directly only with persons that you personally know
b) strongly encrypt that.

From a security point of view, tor is simply awful. Like a honeypot. The slides with "tor stinks" come from GCHQ, not from the NSA, and it may be that at that time, GCHQ did not know how to de-anonymize tor users. But the work showing how this is done, can be downloaded here:

Tor was built for hiding from companies tracking you. Against an adversary like the nsa which can monitor the entire net, the ansatz of tor is almost useless.

Yes, doing the attack cited in the above paper costs them some bit, but when their goal is, e.g. to blackmail a pedophile banker or politician, then the cost of a tor attack is very low compared to their gain.

I personally think that we should declare a real war on them. And for that, their cost of using tor is way too low.

Do your browsing from internet cafes, and as often as possible, just use retroshare. Then they see pgp encrypted content in their data, but funny ones, encrypted with 4096 bit keys, where they can not attack by monitoring some single exit node or directory server.

retroshare supports email, voip, chat and file exchange.

So: Drop your phone away.
The NSA collects only metadata with your phone. Have encrypted voip talks over retroshare. The NSA just sees pgp encrypted content and can not deduce whether it is a phone call or something else. So they would lose much of their metadata abilities if you used retroshare.

How would the NSA analysts look if all email, voip, chat and file exchanges would be pgp encrypted with 4096 bit keys! With retroshare, this can happen.

The problem is that they could use metadata from where and when you send encrypted stuff.

Maybe a combination of retroshare and tor could make this kind of collection harder for them, just for scrambling your ip data a bit. If they de-anonymize this, fine. They would only get encrypted retroshare data.

Unfortunately, a large problem with tor is that there, users are still connected to websites that they do not personally know, and so they can not verify them. NSA can give you a faked certificate of a google server and your browser will apparently accept it: https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html in order to reduce this attack vector one simply has to communicate more with people that one knows personally, whom you can easily verify. Tor does nothing against this grave security problem.

Therefore, you should start with retroshare to first encrypt your data, maybe running retroshare ontop of tor.

What bullshit. The NSA just has the IP address, not the name/person. Does it mean they ask the internet provider for the name matching the IP address at that time? And does it mean the internet provider works together with the NSA? Then why didn't this information leak earlier?

If half of what Jake Appelbaum said is true, then the NSA and its enablers have been infected with mission creep to the point that they are uncontrollable.

The NSA and other TLA’s have declared martial law on huge portions of our citizens similar to power grabbing monopolizing oligarchs of the 1940’s.

The NSA and its enablers don’t honor the US Constitution. The NSA, with the help of wealthy corporations, lawyers and politicians, twists the Constitutional laws into weapons to subjugate their citizens and promote their own expansion.

“…make them work for it [Discovering your identity]. Then spend every effort to make all of these butt sniffers unemployed and impoverished - with zero chance of significant re employment. You do this by threatening Congressmen. Make their lives pure hell if they don't can these creeps. Cut their funding to zero. And state representatives? Look at the efforts in in UT, MD others to cut off their water and power.” – Reciprocate

I agree with that idea.

I would like to see the NSA’s budget cut in half or more. Hit them where it hurts – in the wallet.

Use encryption because it makes the spy agencies work much harder. The NSA and their counterparts are capturing everything (digital, voice, and even the front and back of every postal letter) so there is nothing much to lose.

Further, there is a huge opportunity to spread misinformation and the NSA will lap it up like a kitten to milk.

There are plenty of spy tools that can be used against spies. And, there many spy tactics that can be used against spies [I am sure some of you can think of many of those tools and tactics].

As for those of you who use TOR, the risk/reward ratio is up to each individual to calculate. TOR is detectable and has its weak spots - but is proven to be fairly effective. I will say that I would like to see the government out of the TOR funding loop and a true privacy advocate [with the financial means] fund the project.

Benni's links are very damaging. Until they are proven incorrect or the NSA/BND hydra is stopped I would suggest starving the NSA/BND monster by NOT using their corporate partners and moving IT resources to a neutral country [You can find the NSA's corporate partners with some reading].

@Winter: Fun fact to add: They caught the BND agent when he made contact with Russian services, only to later find out he had been selling to the NSA all along :)

That story makes it more likely that the source this time is indeed in Germany. Disclosure by German state-owned TV only hours apart from discovering the spy. Plus this is absolutely believable, because the BND has had access to XKeyscore, as was mentioned by Vinzent.

Those wondering why Linux Journal would have been targeted should read this Intercept article on the NSA's targeting of system administrators. They are not just targeting "bad guys;" they *are* the bad guys. They want access, and they get it any way that they can, and sysadmins are some of those who have it.

I've been saying this for quite a few years now and why, which I will repeat again.

To understand why, the first thing you have to appreciate is that the Internet has a very centralized architecture, that when mapped geographically should raise serious alarm bells in people's heads, just from a quick glance.

You will see that it's near impossible to send international and in many cases national traffic without going through a "choke point" in the US, Five Eyes or Five Eyes Plus (FEP) nation, all of which are generally regarded as White Anglo Saxon Protestant (WASP) nations, who see all others as a threat. Thus nearly all TOR traffic can be seen at both ends by the NSA irrespective of how it's been routed within TOR. This capability has existed for over a decade, so I suspect TOR de-anonymising has not really been of interest to the NSA et al until the past five or so years (which might be due to its lack of use by those the NSA et al have an interest in until more recent times).

No other countries have this level of connectivity which is why TOR use by US and other WASP nations intel organisations in non FEP or WASP nations is relatively safe.

Not understanding the above will lead you to a whole world of pain, and it's something most companies selling "secure solutions over TOR" or any similar anonymity network either don't understand or choose to hide from customers to make money.

The reason for this is the problem of "Traffic Analysis" which I and others have mentioned somewhat repeatedly over the years. TOR is particularly susceptible for three main reasons, which is why their site mentions the susceptibility to "timing attacks". The three reasons are,

1, TOR is designed for low latency.
2, TOR end points are not with users or services they access.
3, TOR does not do "link stuffing".

Until these issues are solved [1], TOR use by those subject to FEP or FEP-friendly nations' jurisdictions --including all WASP nations-- should be considered, as a minimum, as target practice at their lower extremities, even if not using it for illegal or questionable reasons. TOR use is painting a target on yourself, so using it for illegal activities is at a minimum like playing Russian Roulette every time. At some point the downside odds will cross your mind fairly rapidly and painfully, as has been seen recently with the demise of Silk Road and the probable "parallel construction" of the "got at download".

Please don't say that you have not been warned, because you have.

[1] If you look back on this blog I've mentioned several times the solutions to these problems, and in most cases they are quite trivial if people are prepared to accept the changes and a few provide the additional infrastructure.
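As an added illustration of the three reasons listed in the comment above (this is not the commenter's code and not a model of the real Tor network), the following constructed simulation puts an observer on both the entry and the exit link, bins packet arrivals, and correlates the two count series under a low-latency relay, a batching mix, and a constant-rate "link stuffing" relay. All function names, rates and the on/off traffic generator are assumptions made for the example.

```python
import random
from typing import Dict, List

# Observer model (constructed): the watcher sees the entry link and the exit
# link, bins arrivals into half-second windows over one minute, and asks how
# well the exit counts track the entry counts.
BIN_SECONDS = 0.5
WINDOW_SECONDS = 60.0
N_BINS = int(WINDOW_SECONDS / BIN_SECONDS)  # 120 bins


def generate_bursty_timestamps(seed: int) -> List[float]:
    """Constructed client traffic: an on/off bursty flow, like interactive browsing."""
    rng = random.Random(seed)
    on = False
    stamps = []
    for b in range(N_BINS):
        if rng.random() < 0.15:          # occasionally switch between idle and active
            on = not on
        if on:
            for _ in range(rng.randint(1, 6)):
                stamps.append(b * BIN_SECONDS + rng.random() * BIN_SECONDS)
    return sorted(stamps)


def relay_low_latency(stamps: List[float], seed: int) -> List[float]:
    """Reason 1: a low-latency relay forwards each packet after a small,
    independent delay, so the burst shape survives on the exit link."""
    rng = random.Random(seed)
    return sorted(t + rng.uniform(0.02, 0.2) for t in stamps)


def relay_batching(stamps: List[float], seed: int, batch_seconds: float = 5.0) -> List[float]:
    """Contrast to reason 1: a high-latency mix holds packets and flushes each
    batch together, destroying the timing inside the batch."""
    rng = random.Random(seed)
    out = []
    for t in stamps:
        flush_at = (int(t // batch_seconds) + 1) * batch_seconds
        out.append(flush_at + rng.random() * 0.01)   # tiny serialisation jitter
    return sorted(out)


def relay_link_stuffing(stamps: List[float], cells_per_bin: int = 8) -> List[float]:
    """Reason 3: link stuffing. The exit link carries exactly cells_per_bin cells
    in every bin. Queued real packets take slots as they arrive; dummy cells,
    indistinguishable on the wire, fill the remaining slots."""
    out = []
    next_real = 0
    for b in range(N_BINS):
        for s in range(cells_per_bin):
            slot_time = b * BIN_SECONDS + (s + 0.5) * BIN_SECONDS / cells_per_bin
            if next_real < len(stamps) and stamps[next_real] <= slot_time:
                next_real += 1               # a real packet occupies this slot
            out.append(slot_time)            # otherwise the slot carries padding
    return out


def bin_counts(stamps: List[float]) -> List[int]:
    """What the observer records on one link: packets per bin."""
    counts = [0] * N_BINS
    for t in stamps:
        b = int(t // BIN_SECONDS)
        if 0 <= b < N_BINS:
            counts[b] += 1
    return counts


def pearson(x: List[int], y: List[int]) -> float:
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0 or syy == 0:
        return 0.0   # a constant-rate link has no variation to correlate against
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return sxy / (sxx * syy) ** 0.5


def max_lag_correlation(entry: List[int], exit_: List[int], max_lag: int = 5) -> float:
    """Best correlation over small shifts, so relay latency alone does not hide the match."""
    best = -1.0
    for lag in range(max_lag + 1):
        best = max(best, pearson(entry[: N_BINS - lag], exit_[lag:]))
    return best


def compare_relays(seed: int = 7) -> Dict[str, float]:
    """Correlation between entry and exit counts for each relay behaviour."""
    entry = generate_bursty_timestamps(seed)
    entry_counts = bin_counts(entry)
    return {
        "low_latency": max_lag_correlation(entry_counts, bin_counts(relay_low_latency(entry, seed + 1))),
        "batched": max_lag_correlation(entry_counts, bin_counts(relay_batching(entry, seed + 2))),
        "stuffed": max_lag_correlation(entry_counts, bin_counts(relay_link_stuffing(entry))),
    }


if __name__ == "__main__":
    for name, r in compare_relays().items():
        print(f"{name:12s} correlation = {r:.3f}")
```

The low-latency relay leaves the entry and exit series almost perfectly correlated, batching weakens the match, and the stuffed link gives the observer a flat series with nothing to correlate; in the real world padding costs bandwidth and batching costs latency, which is the trade-off the comment refers to.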

The American Stasi -- the NSA & company -- are the stupidest people ever. I mean, of course they're evil totalitarian extremists, but that isn't my point; my point is that they're *stupid*.

They're making all the same mistakes as the *original* Stasi. Honecker's regime collapsed overnight because it was hated by so many, even by most of the Stasi members, and it was hated because it was so stupidly, pointlessly abusive.

The NSA & the other spy agencies seem to be suffering from "if all you have is a hammer, every problem looks like a nail" syndrome. Extremely narrow focus. Inability to see the bigger picture.

Having alienated everyone in the world, the major threats to the NSA regime will come from sources they cannot possibly anticipate. Such as their own employees. Oh wait -- that already happened!

They're making the classic mistake of looking at mass movements driven by complaints common to almost everyone -- the entire world turning hostile to them -- and mistaking them for fringe, minority movements which can be suppressed.

This is madness, geopolitically speaking. But then I suspect they never studied history or geopolitics.

NDR and WDR are two of the many state-run broadcast services in Germany: North German Broadcasting (NDR) and West German Broadcasting (WDR). These state-run broadcasters together operate a common broadcasting service of Germany, ARD, and their daily news broadcast "Tagesschau" is the most-watched TV news broadcast in Germany.

The BND double agent arrested today for spying on the German parliament's NSA inquiry was avoiding taxes if he had a secret private contract with the NSA; maybe this is his main felony. :)

@ LessThanObvious: There is no benefit in my mind to making it harder for intelligence agencies to judge what is a potential threat and what is ordinary communication.

Could you not, by the same logic, argue against the sealing of envelopes that are sent through postal mail? And any number of other examples of private communication.

It is worth fighting for the right of all Americans to communicate freely without being watched, but it's better to just communicate openly and let them listen than to go underground and behave like criminals.

Kind of circular reasoning there, no? Your argument is based on the premise that merely taking measures to achieve private communication is behaving like a criminal. Since you merely assert this premise, this would appear to be a prime example of begging the question. (In the true sense of the phrase, not the corrupted one that has become rampant.)

If people don't want to be watched then simply say as much to your congressmen and senators.

It's that simple, huh?

Don't like something? Just complain to your (corporate-and-other-special-interest-owned) elected representatives and all will be fine.

There was no need for the obnoxious and immature reference to the poster's mother. You could have made the same point (and more effectively, at that) by merely asking the poster whether, by his logic, he would object to the placement of cameras in his own bedroom and bathroom.

He has sold between 200-300 documents during the years 2012-2014. They paid him 10.000 euros. Interesting is how he came into contact with them: through an email to the US embassy.

So, if you are in a non-US country and want to work as an NSA or CIA spy, just send your mail to the US embassy. They will do the necessary paperwork. You do not even need any training or clearance. Now they have to hire a new mole...

@Benni No problem in Germany, as long as the NSA transfers withholding tax for a spy's income from such a contract to Mr. Schaeuble's office in a timely manner! Otherwise the NSA could be accused of aiding and abetting in tax evasion. :)

What Applebaum supposedly said is false in the strict and isolated literal sense... but relatively 100% true.

The truth is not always literal... It may be 100% true. It may be only 100% true under conditions. Those conditions could be to omit context, omit relativity and observe only the literal in pure isolation. So literally true may actually be false.

// START_DEFINITION /* These variables define terms and websites relating to the TAILs (The Amnesic Incognito Live System) software program, a comsec mechanism advocated by extremists on extremist forums. */

Surely in relative context, and while ignoring the literal and isolated truth that can be false because it is isolated (omitting "context" is a condition in itself)...
Surely you can consider that the Linux Journal being "called" an "extremist forum" is true?

Nothing exists in isolation especially in time. Truth is no different.

"They're making the classic mistake of looking at mass movements driven by complaints common to almost everyone -- the entire world turning hostile to them -- and mistaking them for fringe, minority movements which can be suppressed.

This is madness, geopolitically speaking."

That's worth repeating. It is indeed madness. I'm not sure we're quite there just yet (it can almost always get worse), but it's heading in that direction.

Some additional, rambling thoughts:

I don't think the label of "extremist" or "fringe" for those who are privacy advocates or merely curious is unintentional. It seems logical that such language be used to attenuate empathy for the general public and to drive the NSA and its partners toward a more sinister goal: control.

One of the principal reasons to spy on such a grand scale is not always to actually prevent terror or war or humanitarian crises for the good of the governed. Surely one of the goals (explicitly defined or not) is to compile dossiers which can then be used to stifle dissent, assume control, assure obedience to the party line. And then there are other purposes such as serving any of the sundry goals of the current administration in power. But to merely possess such control is valuable to anyone in power, and to anyone who desires such power. Since the ability to spy to this degree is now available, "Why not?", they say to themselves. Man has always used every weapon he has created.

In politics, I observe that the right-wing tends to stand on a platform espousing freedom but bans many behaviors it finds unpalatable; the left-wing tends to stand on a platform espousing tolerance and egalitarianism, but demands utter obedience to a (most often abusive) centralized authority. Neither are desirable, both are hypocritical, especially in their extreme forms.

It's amazing to me that we can put a man on the moon, a rover on Mars, a probe to the perimeter of the solar system and beyond, genetically modify almost anything alive, even coerce the weather, but we absolutely cannot manage our lives (as a society) with a principal goal being to develop a stable platform that respects individual freedom and establishes justice for all. Like all fiat currency, every system ever attempted has failed miserably, eventually.

Unfortunately, we've colonized the planet to the degree that there is no place left to run to start afresh. We'll have to deal with this problem head-on if we are to win the battle for privacy, freedom, and constitutional rights (I speak of US citizens, that is). Right now, the offense is winning. It's not clear to me what the best solution is. This blog offers some good suggestions, though.

DAVIS: Reports quote administration officials as saying this is going on and it's being done in a way to avoid oversight of the Intelligence Committee. Is there any way—

ROCKEFELLER: They'll go to any lengths to do that, as we've seen in the last two days [during hearings on FISA].

DAVIS: Is there anything you could do in your position as Chairman of the Intelligence Committee to find answers about this, if it is in fact going on?

ROCKEFELLER: Don't you understand the way Intelligence works? Do you think that because I'm Chairman of the Intelligence Committee that I just say I want it, and they give it to me? They control it. All of it. All of it. All the time. I only get, and my committee only gets, what they want to give me.

"I agree that's possible. I posted it here before as a counterpoint to a pro-Tor crowd. It's yet another reason I don't use it if Five Eyes are in threat profile. Might still be good against many other malicious actors."

Unfortunately for me, everyone who violates my privacy is in my threat profile. Why unfortunately?... because it's so hard to defend against the attacks when hardly any of your IT assets can be trusted.

Personally speaking, I'm an idealist on this issue, not a pragmatist set out to achieve a certain goal. I'm not a spy beholden to a certain government, I'm not interested in illegal activities (fraud, child porn, smuggling contraband, etc.), or a seditious lone wolf. I'm a man who works in the IT field and who believes that the US constitution is a contract we've agreed to by merely being born (or naturalized) as a US citizen.

That contract has been violated of late. Egregiously, openly, brazenly. These types of actions will eventually engender lawlessness on a wholesale scale and harm millions on the way there.

it's something most companies selling "secure solutions over TOR" or any similar anonymity network either don't understand or chose to hide from customers to make money.

Tor, at least, has been available for some time completely free of charge directly from the Tor Project itself, in an easy-to-use and highly accessible form (the Tor Browser Bundle). In light of this, shouldn't any third party who charges for Tor automatically be considered suspect?

Financial profit is an obvious and logical motivation, though.

What about the Tor Project, Tails Project and any number of other non-profit entities that promote the usage of Tor and Tails? Would it be unreasonable to question their true motives and goals?

As I believe was noted by one or more previous posters, the Tor documentation does state that Tor cannot protect against a global adversary. Yet the Tor and Tails Projects, as well as the EFF and any number of other entities purportedly dedicated to the principles of privacy and freedom, etc., actively promote the use of Tor to residents of "Five Eyes" countries.

@Tom "While German papers (and in this case: TV news outlets) unfortunately aren't as thorough with mentioning their sources as their American counterparts, I strongly believe they would have mentioned the source if they could. Thus I assume this might well be a source other than Snowden."

I think you may be onto something.

Bruce & Cory are both excellent media pundits, they are very experienced and professional. That they are both chiming in on this bolsters this claim for me, though I have no idea on their sources.

On the BND and investigations: I just saw on boingboing that a BND employee has been arrested for spying on behalf of the NSA. He was spying on the investigative committee.

@'linux journal is said to be extremist by the nsa'

There are conditions in the code.

It is searching for tails and linux journal, not just for linux journal users.

Tails is clearly what they are looking for, not Linux Journal.

I am surprised to see so many tech blogs and magazines repeating this same error. Surely they have someone on staff they could have vetted their story to before blindly repeating it.

I do not think you even need to know how to read code to be able to figure this out. I do not think people are stupid. It is not an IQ test. But, they want to believe what they want to believe.

This is detrimental to their cause.

@'the comments are authoritative'

I think the comments were not written with "speaking on behalf of a major US agency in front of the entire world".

With that in mind, in context, the comments are merely pointing out that some extremists may use tails. This is how most people would see this, unless they want to believe something else and will ignore the obvious truth.

These, together, are reasons why momentum on the story would be slowed.

It is the trickiness of subjectivity. A lot of very intelligent people believe some very crazy things because they are very good at rationalizing what they want to believe, even if it is not true.

I also do not think in a spy agency the developer may know the real or full story on what they are tasked with writing.

Their boss may not know.

My guess is they are very interested in finding tails users contrasted with another condition not in the code sample people have. This other condition is very likely involving US government employees and other sensitive people. They are looking for more Snowdens, and likely also for spies and moles.

The unbiased public is likely to come to the same conclusion, or something similar. Not because they are more technically oriented or smarter, but because they have far less bias to cloud their judgment.

@Contrarian viewpoints are spoken only by NSA plants

I am not a fan of the illegal NSA spying. I am more cynical, now that a good year has passed and no reports of extortion or other very criminal acts have come out. This makes it very plausible that these are simply overzealous people who - motivated by money, career, prestige, and maybe even some patriotism - have simply gone too far.

I also believe this is too much power for these agencies to have, which is why these laws were formed. And so even if they are not abusing it now, they may abuse it in the future.

"It's possible that anyone who clicked on this link ...is currently being monitored by the NSA."

No, that isn't possible. Why are YOU writing sentences that I would expect to be read aloud only on Good Morning News programs by attractive blondes?

She has an excuse for referring to an entry in a log as "you being monitored by the NSA" and the nonsense sensationalized spin that puts on it. She has no familiarity with concepts relating to security. What's your excuse?

The "climategate" leaker(s) showed how a real leak is done. I don't trust the information coming from these various personalities (the exception being Bill Binney). Listening carefully to what Bill says is far more revealing than any of the dox I've seen thus far. He's the most credible person in this whole charade IMO.

I am puzzled as to why this story, complete with some of the more obvious errors in the article, is being echoed by some outlets without any apparent question as to whether the material is authentic (much less whether, if the material is authentic, it has been used in the manner described).

The truly glaring errors in the article are things that would easily be caught on a second reading of it. Ordinarily I give the benefit of the doubt, but as they have stood uncorrected for some time now, and were quite obvious in the first place, in this instance I suspect the "errors" are a deliberate effort to attract attention to the article and to spread rumors about the NSA.

Regardless of whether you consider the goals of this exercise to be laudable, this diminishes the credibility of the article (in my eyes at least).

We can start with two initial branches: (1) Material is authentic and (2) Material is fake, and from these branch other possibilities.

So (1) Authentic -> (1.10) Snowden material or (1.20) Second US leaker material or (1.30) Foreign government leaker material or (1.31) Foreign government deliberate disclosure etc.

From each of those, we can branch out further. If 1.10, then we can ask whether this release breaks with an original understanding Snowden may have had with those to whom he released the material, or whether this is according to plan... and so on.

Obviously (2) Inauthentic has a large number of further branches as well.

But at this point, I do not see any reason to accord it authenticity.

The most disquieting possibility is that this is a deliberate disinformation exercise on the part of ideologically motivated non-state actors.

If so, then these actors are similar to the more violent anarchists who sometimes show up at otherwise legitimate protests and undermine them. If so, they should be exposed and shut down quickly, before they poison the credibility, and legitimacy, of those who are making reasonable arguments and proposals for change.

I write this, moreover, as someone who frequently disagrees with those reasonable people. Why would I want their credibility protected? The simple answer is that I realize that I am fallible, and that it is important - vital in fact - to have reasonable opposition. When I am wrong, then even if that reasonable opposition cannot change my mind, perhaps they can muster enough support to get the right thing done.

The more complicated answer is that the slender core of authentic public discourse must be defended if democratic politics is to have any hope of leading to reasonably correct laws and policies. And it must be defended, at times, even against one's allies.

I think of NSA leakers in this order: Snowden's *docs*, then Binney's testimony, then the rest with skepticism. We also can believe certain docs from Wikileaks, Cryptome, LeakSource, etc. are authentic when the US govt reacts like they are.

No guarantees as there's still risk of realistic forgeries or modification of data in otherwise real material. My above heuristics seem to work fine, though.

But, if the government reacts "this way", does that really not confirm the validity of faked material? In a counter intelligence operation (or even normal intel operations) the reason why defenders so often are so vehement is: because they do not know and are consistently told a lie.

This is also true when attempting to estimate whether it is true or not by the damage done.

These things said, to be clear, I do actually agree with you. I think that the government's reactions and the damage done is all very real. Further, the likely advantage from such an outlandish operation seems to be next to nil.

"I am puzzled as to why this story, complete with some of the more obvious errors in the article, is being echoed by some outlets without any apparent question as to whether the material is authentic (much less whether, if the material is authentic, it has been used in the manner described).

The truly glaring errors in the article are things that would easily be caught on a second reading of it. Ordinarily I give the benefit of the doubt, but as they have stood uncorrected for some time now, and were quite obvious in the first place, in this instance I suspect the "errors" are a deliberate effort to attract attention to the article and to spread rumors about the NSA."

A number of tech blogs, including some more popular ones such as slashdot, continued the error 'the nsa is blacklisting all linux journal users as terrorists'.

You can see for yourself by googling Google News and see just how many outlets made this mistake.

Why have they all done this? Why are hoaxes ever reported as real? Why are news agencies ever yanked into headlines or a story that is not as they are reporting it?

The error is as common as it is to not do due diligence on any story. Applebaum is an authority. It is a holiday weekend in the states. They messed up. They wanted to believe what they wanted to believe. They were biased. They were sloppy.

Above, on this very forum, you see multiple posters repeating the same mistake, even after it has been shown to them it is a mistake. I do not think they are consciously trying to manipulate the information. I think they leaped before they looked because they wanted to make that leap 'oh so very bad'.

Very simple explanation, very probable likelihood.

Much more so than Applebaum, slashdot, and all these other journals consciously going, "This is fake, but it will make the NSA look bad, so let us run with it!"

Contrary to that, it is not in their best interest to repeat easily verifiable mistakes. It dampens their integrity. It makes clicks, at first, but people learn of the mistake and next time they listen to the erroneous source just a little bit less.

Take Cory or Bruce. If they made such a mistake on an international piece, it would be damaging to their career.

Though, this highlights another 'good reason' why this mistake happened and continues to be reported. The NSA are the bad guys here. People may ignore their bad actions, but they are not zealous about encouraging it. Nobody is cheerleading them. This is not climate change or evolution where there are two big parties constantly looking to seize upon a mistake the other guy makes.

"The most disquieting possibility is that this is a deliberate disinformation exercise on the part of ideologically motivated non-state actors."

Whoever - and maybe it was just Snowden - proved themselves to Applebaum and company, they probably were well vetted. Enough so that they surely ran with the story.

How could someone fake that? Could a hacker fake that? Would they? Of course, there are several strong weaknesses here: there is only one source, the source has a legitimate reason to be poorly vetted because their own organization would be strongly against any leak, and the target the source is reporting to is very biased and so very inclined to believe what they so badly want to hear.

So it could be a hoax. It could be from a foreign intelligence agency who had real access to the source. It could be from US intelligence giving some fake data to control the conversation.

It could be from Snowden. It could be from some new Snowden.

Everything at this juncture is just theory.

It is odd they mentioned nothing about the source whatsoever.

It is also odd that, if from Snowden, why would Applebaum sit on this material for so very long when it directly deals with the very company he works for?

The so-called "threat profile" will always include all of the major players... Just because the western establishment's HUMINT is decidedly awful, doesn't mean that other groups are struggling with similar problems... With this amount of power concentrated in such a small secret space, it's bound to draw in some self-servers & turn those who would be enthralled by said greed/money/notoriety/opportunity/power...

I honestly wouldn't be at all surprised to learn that there are Al Qaeda/BND/CIA/Iranian/IS(IS|IL)?/mafia/PRC/Zeta elements operating within and capitalizing upon the vast national 'security' industry.

@Maybe: Whoever - and maybe it was just Snowden - proved themselves to Applebaum and company, they probably were well vetted. Enough so that they surely ran with the story.

As you yourself describe well elsewhere in your comment, journalists can mistake the authenticity of material given to them by sources they think reliable; intelligence agencies can do the same; and advocates for a cause even more so. Were they well vetted or were they simply well received?

No one is more willing to purchase a lie than he who already fervently believes its truth. This is a human fault that affects us all.

Now, beyond the question of whether this is mere mistake, I do not have sufficient information to assess the probability of deliberate disinformation.

However, it is hardly uncommon for one convinced of the righteousness of his cause to choose to tell half a story, or a pastiche of different stories as a single story, should doing so advance that cause.

Moreover this conduct may be rationalized: though the story may literally contain falsehoods, it ultimately conveys the truth in the mind of the teller. No matter if portions of the code were faked, or taken from context and stitched together - they convey the truth, and that's all that is important.

Or so goes the rationalization.

Those who view themselves first and foremost as journalists will find that rationalization harder to hold; those who view themselves as advocates first, and "journalists" second, will find it easier. The latter are really pamphleteers and free-lance columnists, not journalists; their mission is persuasion, not the careful crafting of dispassionately truthful dispatches.

I respect moral courage, even when I disagree with the cause. I respect tactics and strategy, even when I would seek to defeat them. And so I write none of this with malice or disrespect.

I write it with concern that our discussions, our arguments, our deliberations, our internal struggles with the issues before us - and anyone who has not found these issues difficult has not grasped them - be based so far as possible on facts and on logic; and that our communications be not so driven by strategy that we cease to have a conversation, and rather substitute public posturing for an authentic discourse.

How could someone fake that? Could a hacker fake that? Would they? Of course, there are several strong weaknesses here: there is only one source, the source has a legitimate reason to be poorly vetted because their own organization would be strongly against any leak, and the target the source is reporting to is very biased and so very inclined to believe what they so badly want to hear.

Precisely and well put.

Everything at this juncture is just theory.

Fair enough, and also true.

It is also odd that, if from Snowden, why would Applebaum sit on this material for so very long when it directly deals with the very company he works for?

I cannot answer that last question. That really sticks out to me.

This is an extremely interesting and good question.

It may depend on understandings developed between Snowden, and those to whom the material was distributed, as to the manner of publication. It may also depend on the dynamics of Appelbaum's relationship to Poitras, Snowden, and Spiegel.

Finally, it may reflect the changing views of the more ideological, and less pragmatic, members of the Snowden material group.

By this last point, I mean that suppose you believe that all forms of government are merely different degrees of tyranny, and that it is vital that all governments be denied the technological and institutional means of power so often discussed.

Suppose that you are beginning to grow dubious that public pressure will achieve your goals. Suppose that you are beginning to believe that moderate forms of action will fail.

Might not your values incline you to increasingly extreme forms of action? These may range from the dirty tricks we see, to our familiar disgust, regularly in political campaigns to other, more dangerous, endeavors.

Personally, my concern is that the more radical of those who have access to the Snowden materials will eventually, finding the slow progress inherent to democratic politics to be intolerable delay, begin to leak it themselves outside the bounds of original understandings.

This is a danger which I regard as not only possible, but probable. We have seen hints of it in some of the unattributed publications of NSA material already. I fear we shall see more, published with an intention that goes beyond that of informing a public debate.

Quite poignant and powerful piece this is; overall an excellent thesis from you; tons of original (creative and logical) thoughts (I know it's long, but it's worth the read); was not expecting any of that... Until the conclusion! ;-)

With apologies for the consecutive comments, one more thought which occurred to me when I first read this article:

The nature of the story reminds me of Bloomberg News reporting that NSA had known and exploited the Heartbleed bug. When the US Government issued an unusual "no bullshit, unqualified, we didn't know, we didn't exploit" response, Bloomberg later defended the story by arguing in essence that the gist of it was true, i.e. that NSA exploited similar bugs even if not the precise bug that came to be called Heartbleed.

As with the Bloomberg story, this story contains the cloudy authentication, the unwillingness of the authors to provide clarification, and the somewhat opportunistic bent.

I do wonder (and this is entirely speculation on my part) whether Appelbaum was a source for the Bloomberg story (he, and the author of the Bloomberg story, have had contacts in the past) as well.

Double posts happen ;-) If anyone's gonna get pissed, at least they'll have two to tango with! I thought that that story was a bit odd too... After the NSA made that awkward, out-of-character, full denial; we never really got much in the way of a follow-through on that aspect of the game. :-\

@Skeptical:
"I write it with concern that our discussions, our arguments, our deliberations, our internal struggles with the issues before us - and anyone who has not found these issues difficult has not grasped them - be based so far as possible on facts and on logic; and that our communications be not so driven by strategy that we cease to have a conversation, and rather substitute public posturing for an authentic discourse."

Well, I think those are well founded concerns, and a solid, good direction to carry on in.

'Personally, my concern is that the more radical of those who have access to the Snowden materials will eventually, finding the slow progress inherent to democratic politics to be intolerable delay, begin to leak it themselves outside the bounds of original understandings.

This is a danger which I regard as not only possible, but probable. We have seen hints of it in some of the unattributed publications of NSA material already. I fear we shall see more, published with an intention that goes beyond that of informing a public debate.'

It is possible, but what damage can they really do? When they do make these mistakes they have made, they get found out by them. They are not trained agents of influence, nor masterminds of media manipulation.

They are techies, engineers, with outspoken beliefs. (And I suppose some journalists.)

The journalists, anyway, have editors and strong professional responsibilities in these regards.

They also have editors with strong professional demands on them.

That whole "cry wolf" thing I was talking about: that is very real and the loss of credibility is very serious.

This is why journalists have editors and those editors can be hard noses on them.

You might note the Guardian was about to post a long list of names of who the US Government was using their enhanced spying powers on. The US Government came back to them "on that last day" and told them to please wait. The Guardian did do this, despite the apparent manipulation of the US Government.

Mr Applebaum did not release this information, despite his beliefs. Unless some of that data was that source code he did release. (This is, of course, a distinct possibility. Hardly the bombshell, however, that the Guardian was planning. And Mr Applebaum only undercut his own credibility - and the story - by his mistakes. Which reduces, not enhances, mainstream media momentum.)

Frankly, the world has quite a bit going on right now. ISIS and Russia/Ukraine are two big examples there. There are US/China difficulties. Israel is bombing the Gaza strip, after teenagers were kidnapped and murdered. Iran is working on a nuclear bomb. North Korea is, well, North Korea. Northern Africa is continuing to flare up. On and on and on it goes.

I do believe any one of these stories, people can get too involved in. It can become too personal for them. Too subjective. They can care too much, and in so doing, what appears and should be only more righteousness for their cause, well, it ends up being bias.

It can be noted that there are very real dangers of - as you say - "non-state actors" acting in an aggressive way, posing as "state actors" in a way that could deeply hurt the country. I am not sure that discussing these possibilities helps that.

This is always a problem, and maybe more so in the computer age.

Even if they do not intend to act as state actors, they could be taken as such merely because that is where they are from.

At the end of the day, though, is any of this really a big deal? People just joke about the subject and ignore it. There are some diplomatic rows. Terrorists already knew the US was surveilling them. Anybody who uses Tor or Tails can suspect that there are triggers on those usage that may bring them under more inspection.

To be fair, targeting TOR users for further scrutiny seems a pretty healthy approach, if you are NSA. The problem starts when they collect-it-all, and end up drowning in the sewer, mostly.

Since those are folks who take selfies at UPS intercept facilities, and brag in top secret presentations, I would not expect much change. Perhaps they deserve their own reality show: "Dumb Criminals - NSA Edition".

"But, if the government reacts "this way", does that really not confirm the validity of faked material? In a counter intelligence operation (or even normal intel operations) the reason why defenders so often are so vehement is: because they do not know and are consistently told a lie."

Good point and good catch: I forgot to address the government side. The use of disinformation is always a possibility. There's no sure way to know the difference otherwise everyone would be applying it and disinformation would be useless against main targets. So, how can we be sure each leak isn't disinformation?

The best way is to think about whether it helps or hurts them. For strategic matters, this is hard to decide. For the surveillance state, it's pretty easy. They want as much collection, analysis, and use of data as they can without being caught. Each time a method is in the public eye, it might be avoided. That's why the FBI didn't admit until 2004 that they tracked cell phones without GPS. Many of these leaks are dated in the 2005-2008 range, but they hid the stuff. Most of these releases also are believable and damaging to the mission if exposed. So, seeing that, the odds of disinformation are slim to none... from our side. ;)

As an engineer first; I am also a humanist, advocate, and observer of sociopolitical behaviour and proclivities. I am concerned about the level of discourse--as Skeptical suggests--in any number of forums. My problem with that statement is that (as I read Buck's response) is the "genuine" attempt to come to the table irrespective of biases (I could give a crap about the nature or flavour of internal/programmatic biases).

For too long on this blog pundits, and I considered Skeptical a part of a league, are allowed to spew (and I am fan of free and unfettered speech) without "discourse". To put it another way; "As a scientist I receive and respond (not react) to information and ideas as they become available to me." My views, or better said, opinions are informed from the breadth of available data--not from the data that has been curated (by formal or informal mechanisms).

Only a few on "this blog" have demonstrated a rational or considerate treatment of the facts. The U.S. is populated with a large number of ignorant and superstitious thinking (in the context of the 18th century) individuals and groups. You can be polite (ignorant of facts) or considerate (understanding but still ignorant) and appear to be engaged in discourse.

I find "Mr. or Ms. Skeptical" completely, and I mean fully and unequivocally, disingenuous and self serving in the majority of interchanges that might be considered "discussions". And, I regret having spent more time than I am comfortable with addressing this issue. NO, I will defend and stand for "Skeptical's" right to express her/his concerns and ideas. But, I will call out all the wolves in sheep's clothing.

NDR published 8 minutes later than Tagesschau - (Stand: 03.07.14 17:08) but they published in English and offer a download of the file. I'd guess they're the source of the story. Source of the data? ha.

Did Snowden have clearance compartmentalized to access source code?

My guess is there are several leakers, one within the "inner circle" with the Snowden affair providing an excellent cover.

Fundamental civic functions for which credible assurance as to the security of privacy is paramount: Journalism, and the protection of sources. Attorney/client privilege. When the innocent act of pursuing encryption, or other privacy securing technologies, prompts a government response of heightened surveillance - it sends cynical shivers down the spine of legitimate, private and public activities which are absolutely necessary to ensure the integrity of social institutions paramount to the maintenance of liberty and justice.

The line that folk shouldn't be pursuing encryption, or other privacy securing technologies - because it threatens to obscure and dilute national security surveillance efforts, or because if one is innocent they shouldn't be concerned at all - ignores the very real and legitimate function that individual privacy plays in ensuring our social institutions operate legitimately.

Yet just last month lo and behold Sandvik says she and Snowden co-presented at an event in Hawaii in December 2012. Because she just wanted the world to know? In fact last month Sandvik went to friendly media just days after Greenwald revealed that Snowden contacted him as "cincinnatus" in December 2012. Cincinnatus, you see, was already on the interwebs as the name of the announcer of the Dec 2012 meeting.

Sandvik then gets out in front of any media attention on a meeting involving Snowden that previously wasn't disclosed by a PR piece in WIRED. And I call it a PR piece since the byline is Kevin Poulsen who sits on the Freedom of the Press Foundation's Technical Advisory Board with Sandvik, his interviewee and source for the story.

The point being that the only time you can expect this crowd to disclose a Snowden connection is when it NEEDS to be done for media management purposes.

I think Nick P hits it on the head. Skeptical only applies his criticism to points he wants to discredit. Any uncertainty leads to the unexamined conclusion that his preferred viewpoint is correct.

This is not a philosophical forum on epistemology. Nor is it primarily a review of journalism. Skeptical's points, especially applied with such bias, boil down to sophistry designed to sell the assertion that "These are not the Droids you are looking for." He might as well argue that we don't know the NSA is doing this because we have no absolute knowledge that we are not dreaming our whole experience.

Sure, there is probably some disinformation in the mix. But Skeptical stops at the accusation and does nothing to actually verify his suggestions. His decision trees mean very little unless the possibilities are verified or falsified. He wants to use the possibility of occasional misinformation to discredit all of what we have learned. This is only convincing to the already decided.

We have plenty of evidence that NSA seeks to gather everything, and that it dislikes Tor. Since we are dealing with secret programs that by design are impossible to nail down absolutely, we are going to have to work with preponderance of evidence. This is a much higher level of proof than the government uses to blow people off the face of the earth, and that is not what WE are doing here. We are simply investigating what is going on... And those Droids look awfully familiar.

Sure, we don't know exactly what this code is. That is why a deep examination of the code is fruitful rather than paragraph after paragraph of hair splitting. Sure the code doesn't explicitly say that linux journal is an extremist forum. But anybody who understands rhetoric understands that the juxtaposition certainly suggests a connection. Communication is not always explicit.

For example: If I wrote, "The NSA often hires people to subvert forums through tendentious arguments as employed by Skeptical" I am strongly suggesting that Skeptical works for the NSA by juxtaposition, but I am not actually saying it.

It's just an example. Skeptical actually draws more interest and argument to this blog, which I don't think serves the NSA at all. To me, he remains a mystery wrapped in an enigma, but I think this blog is healthier with him around.

"It's just an example. Skeptical actually draws more interest and argument to this blog, which I don't think serves the NSA at all. To me, he remains a mystery wrapped in an enigma, but I think this blog is healthier with him around."

The best way for most civil liberties proponents to look at his posts is as... practice. He obviously has an agenda and a talent for sophistry. Speculation, anger, etc. in NSA opponents only make his posts look better to readers trying to form their own opinion. They will take his side as he will appear to be in the know while the other side appears uninformed or overly driven by emotion. Opponents of the surveillance state wanting to *actually be effective* are best off ensuring whatever replies they make to such an individual focus on the facts, speak from the high ground, show respect, and use only the most reputable sources (with references). It's not like I haven't broken a rule or two on this list but... they're still good rules I think. ;)

"In order to allow time for analysis and outside reporting, neither Snowden nor The Post has disclosed until now that he obtained and shared the content of intercepted communications. The cache Snowden provided came from domestic NSA operations under the broad authority granted by Congress in 2008 with amendments to the Foreign Intelligence Surveillance Act. FISA content is generally stored in closely controlled data repositories, and for more than a year, senior government officials have depicted it as beyond Snowden’s reach."

The issue is not intelligence agencies doing what is against their mandate. They know you are their enemy, so it's high time you realize the same of them. Stop playing nice, cooperating, and abetting your foe.

The second IP in xkeyscoderules100.txt is owned by xs4all in Holland, and is tor.dizum.com.
Registrant is Societe Anonyme Botage (sabotage.org) in Amsterdam.
Most popular domain of sabotage.org is openssh.org.

There is a NSA version [or quasi-version] of the “operator’s rule.” A system’s operator has complete control over the system to maintain it and Snowden may have used it.

[Emptywheel notes]

"...because the documentation on the Section 215 program makes it clear how little oversight there is over tech people just like Snowden. The current phone dragnet order, for example, makes it clear that:

"• Tech personnel may access the phone dragnet data to tweak it in preparation for contact-chaining
• Unlike intelligence analysts, tech personnel may query the phone dragnet data with selectors that have not been RAS-approved
• Tech personnel may also conduct regular queries using RAS-approved selectors
• Tech personnel may access the dragnet data to search for high volume numbers — this may require access to raw data
• Some of the tech personnel (those in charge of infrastructure and receiving data from the telecoms) are exempt from special training on the phone dragnet data"

“The audit language in the dragnet order applies only to “foreign intelligence analysis purposes or using foreign intelligence analysis tools,” suggesting the tech analysis role access to the dragnet data is not audited. Language in the order defining “NSA” suggests contractors may access the data (though it’s unclear whether they do so in a technical or intelligence analysis function); something made explicit in Dianne Feinstein’s bill... it is at least possible that Booz analysts are currently conducting audit-free tech massaging of the raw phone dragnet data.”

If your threat does not include those who control these choke points, why bother. If it does, don't use the internet.

As noted in my above comment about the Washington Post "drop box", sometimes you have no control over how the recipient chooses to do something, and it's this rather problematic aspect you missed.

The reason "recipient action" is problematic is much wider than TOR: it covers all forms of electronic or other communications where you have little or no control over the recipient / second party, and none at all over any of the third parties they pass such communications on to, either voluntarily or involuntarily, such as Chinese etc APT at another fairly famous US newspaper...

The now impractical solution of old was to type info onto "fly copy" paper that was previously washed with potassium permanganate, go to a face to face meeting with your contact and once they had read it in your presence light it with a match and let go because it would be irrecoverable ash in a second or two (likewise with a few drops of glycerine which made booby trapping / deadman tripping such a document fairly easy as well).

The two reasons this old fieldcraft is impracticable these days are, (1) no manual typewriters and (2) people just don't meet in "meatspace" these days because they don't have time. Which is why it still amazes me that Ed Snowden managed to get Greenwald to travel to Hong Kong.

Well I guess I should worry, seems I hit on about every account that raises the ire of the "masters". As a former admin, long time crypto-freak, an amateur mathematician, and a researcher (digital forensics and control systems) this would seem to be enough--oh but it was probably when I volunteered to be on the NSA IATF back in 2000 that hit the nail on the head. Can anyone tell me how I can get rid of these permanent red dots off of my hats, shirts, and t-shirts? They seem to be most prominent after dusk, I tried bleach but it doesn't seem to work.

For this type you need to wear a red shirt. Wear a green shirt and hat for the other dots. But best is to duck and run away because I would guess someone (more than someone, given the number of dots) is trying to "grease you" -- Clorox isn't your best friend, under the circumstances!

They seem to be most prominent after dusk

Hmm! So you are a Vampire! You should be safe, then -- professional courtesy...

The doctor in the house has read your symptoms and has diagnosed a short lived but recurrent illness that occasionally is fatal, think of it like "rapid onset shingles" where the best management of the itching and other symptoms are antipsychotic drugs. Also lots of rest in dark rooms without windows as most curtains / blinds / drapes are not sufficient at screening the harmful wavelengths that bring on the symptoms. It has been known that taking a long vacation without the stress of contacting people especially in quiet rural or foreign locations can reduce the debilitating stress. Such are the problems with recurrent "Sniper's Measles".

I appreciate both Wael and Clive's high caliber diagnostic readings and the dynamite prognosis. Feeling better now, I have had worse (wink, wink). I'll go down to the corner shop and buy a can of colt 45.

"TOR use is painting a target on yourself, so use for illegal activities is at a minimum like playing Russian Roulette every time. At some point the downside odds will cross your mind fairly rapidly and painfully as has been seen recently with the demise of Silk Road and the probable "parallel construction" of the "got at download"."

Was it actually through his usage of Tor that the identity of the operator of Silk Road was revealed?

- The overwhelming majority of sites on the WWW do not use HTTPS (or any other form of encryption or authentication)

(Even the semi-official Tor StackExchange site is only /partially/ encrypted-- at least that's what none other than the Tor Browser itself tells me when I visit said site.)

- The content of any such non-encrypted, non-authenticated site visited via Tor can be manipulated by any exit node via packet injection / Man In The Middle (MITM) attacks-- especially when JavaScript is enabled.

- JavaScript is fully-enabled in the default configuration of both Tor Browser Bundle as well as Tails.

- Even when a site fully supports HTTPS, how many people actually verify the certificate (e.g., by using the SHA1 fingerprints)? How many people even know that they should? Is such information, in a clear, easy-to-understand manner and conspicuously prominent place, even found on the Tor Project's web site? Last I checked, it wasn't.
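The last two points above (plaintext HTTP can be altered in transit; an HTTPS certificate should be checked against a fingerprint obtained out of band) can be made concrete. The following Python is an added example, not code from the commenter or from the Tor Project: it refuses non-HTTPS URLs, computes a certificate fingerprint from the DER bytes in the format browsers and `openssl x509 -fingerprint` print, and compares it in constant time against a pinned value. The embedded PEM block is a constructed placeholder (arbitrary base64, not a real X.509 certificate), which is enough because the fingerprint is simply a hash of the DER bytes; the function names and the SHA-256 default are my choices, with SHA-1 supported since that is what the comment mentions.

```python
import hashlib
import hmac
import re
import ssl
from urllib.parse import urlsplit

# Constructed placeholder: the base64 body is arbitrary bytes, NOT a real
# certificate. ssl.PEM_cert_to_DER_cert() only strips the markers and
# base64-decodes, so this is sufficient to exercise the checks offline.
SAMPLE_PEM = """-----BEGIN CERTIFICATE-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-----END CERTIFICATE-----
"""


def sample_der() -> bytes:
    """DER bytes of the constructed placeholder certificate above."""
    return ssl.PEM_cert_to_DER_cert(SAMPLE_PEM)


def fingerprint(der_bytes: bytes, algorithm: str = "sha256") -> str:
    """Hash the DER encoding and render it as upper-case, colon-separated hex,
    e.g. 'AB:CD:...'. Browsers and `openssl x509 -fingerprint` use this layout.
    algorithm may be 'sha1' (as in the comment) or 'sha256'."""
    digest = hashlib.new(algorithm, der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_fingerprint(text: str) -> str:
    """Reduce a user-supplied fingerprint to bare lower-case hex so that
    'AB:CD', 'ab cd' and 'abcd' all compare equal."""
    return re.sub(r"[^0-9a-f]", "", text.lower())


def matches_pin(der_bytes: bytes, expected: str, algorithm: str = "sha256") -> bool:
    """True only if the certificate's fingerprint equals the pinned value.
    A pin of the wrong length (e.g. a SHA-1 pin checked with SHA-256) fails
    rather than raising; hmac.compare_digest avoids timing leaks."""
    got = normalize_fingerprint(fingerprint(der_bytes, algorithm))
    want = normalize_fingerprint(expected)
    return len(got) == len(want) and hmac.compare_digest(got, want)


def is_https(url: str) -> bool:
    """Plaintext HTTP gives an exit node (or anyone on the path) a free hand
    to alter the page, so only https:// counts as protected."""
    return urlsplit(url).scheme.lower() == "https"


def check_site(url: str, pem_cert: str, pinned_fingerprint: str,
               algorithm: str = "sha256") -> tuple:
    """Apply both checks and return (ok, reason)."""
    if not is_https(url):
        return False, "plaintext HTTP: content can be altered in transit"
    der = ssl.PEM_cert_to_DER_cert(pem_cert)
    if not matches_pin(der, pinned_fingerprint, algorithm):
        return False, "certificate fingerprint does not match the pinned value"
    return True, "https and pinned fingerprint matched"


if __name__ == "__main__":
    pin = fingerprint(sample_der())
    print("SHA-256 fingerprint:", pin)
    print(check_site("http://example.invalid/", SAMPLE_PEM, pin))
    print(check_site("https://example.invalid/", SAMPLE_PEM, pin))
    print(check_site("https://example.invalid/", SAMPLE_PEM, "00:" * 31 + "00"))
```

In practice the pinned value would come from a channel the exit node cannot touch (the site operator's published fingerprint, a printed handout, a previously verified visit), and the PEM would be the leaf certificate the browser actually received; the placeholder here only stands in for that input.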

Firstly we don't actually know how the Silk Road owner was tracked down, only what has been said by various people. Thus you should consider amongst other possibilities the use of parallel construction used after the fact to avoid legal issues in prosecution, or he may have been sold out by someone else for immunity etc etc, we just don't know one way or the other.

However it was not the operator I was thinking of but the sellers and users, who after the Silk Road computers were obtained must now think / assume / know that the authorities have other records that can now be used to trace them down, and then become under surveillance themselves.

For instance, the Silk Road servers may well have logs on that although not storing directly identifying information, might well have time stamps sufficiently accurate for correlation over time with individual users etc. We certainly know that physical goods purchased or sold over Silk Road would have source and destination addresses attached. And whilst sellers might well practice some level of OpSec the chances are many of the buyers did not. Thus there is a distinct possibility that various authorities are quietly tracking down as many sellers and buyers as possible before rounding them up or passing details on to other authorities to action in some way such as for "handling / possession / dealing" without reference back through the use of Silk Road records or TOR activities.

We also know that attempts have been made to "poison pill" downloads of bundled TOR software for Windows users, so I think it safe to assume that there are several agencies using a broad range of tactics to target users via TOR's weaknesses.

Get real. I use a VPN because my neighbor is a network engineer and I have had occasion on an intranet to debug my company's product offering using wireshark, so I have SEEN what anyone can see who is on the same subnet. So get real.

I am surfing with Tor right now because I am between VPNs.

I surf with Tor otherwise because I don't want to be labeled a terrorist for wanting to be a good (American) citizen and educating myself about privacy and security and the privacy/security tradeoff.

Towards that end I actively seek out ALL points of view, doing everything from read mailing lists and blog posts to watching YouTube vids and reading dead tree books. I read POV from lots of perspectives - respected authors and the ACLU to right wing lunatics to left wing lunatics.

Of course I go where people are offering opinions; the goal is to get clarity on what may be THE issue of our times.

What are people of all stripes saying? How are they talking about it? How are people with just average intelligence thinking and feeling about it? What about the left / right wings? What are their beliefs? What are the educated elites saying? Has someone got the *right* perspective or is everyone mostly offering incoherent and confused world views?

Get real.

When I have positioned myself in the security / privacy debate I have come out defending the NSA and the CIA, especially wrt the fight against jihadis and other professional nihilists whom I think many people don't realize the deep threat of.

But you're damn right I obscure my IP address and destination to the best of my ability. For one, snoops both casual (neighbor, say) and professional - Acxiom et al. Congress refuses to control their actions in the least and they profile the SHIT out of you.

Think I want my current or future employer to be able to buy some "profile" on me put together by hard-partying assholes who couldn't get a real job with their psychology and anthropology degrees?

Perhaps you've heard of the categories they've invented for people based on their surfing habits? Moher's cellar-dwelling masturbator was one of my personal favs.

Or perhaps you're familiar with "discoveries" the hucksters in the "datamining" community are selling to places like Acxiom (sell it baby, sell it!). Think I want the judgements of unseen retards deciding my fate for all my future encounters?

For two, protection from the lunatic "libertarians" whose day job it happens to be to act as paid sys admins at the places I happen to go and, uh, bash libertarians.

And that's not nearly the ONLY category of People I Don't Know Or Trust who control a server I happen to alight upon.

So am I supposed to confine myself to front page Yahoo News and Facebook and Pinterest? I can't use the web to explore the world of ideas, personalities, subcultures, lunatics, extremists, political junkies etc etc? I can't take it upon myself to educate myself on the important topics of my day and interact with strangers whose opinions I despise and who despise me?

Not everything is about you, NSA. If you're DESPERATE to know who I am, then ask. But really, overall, if what is implied by this leak actually represents your thinking then just GTFU. The world is bigger and more complex than "good" Facebook posting narcissists and "bad" Tor and Tails users.

I say that as an ardent and reliable supporter of your mission as a matter of fact.